Dependency Analysis
SonaShow
Direct and transitive dependency freshness, license, and CVE exposure from the latest SBOM.
87%
Freshness
15
Dependencies
2
Outdated
0
Stale
1.5
Avg Behind
Dependency List
Latest release v0.2.11
| Dependency | Type | Current | Latest | Behind | CVE | License |
|---|---|---|---|---|---|---|
|
requests
pypi
|
Direct | 2.32.5 | 2.34.2 | 6 behind | 1 medium | Apache-2.0 |
|
flask
pypi
|
Direct | 3.1.2 | — | — | 1 low | BSD-3-Clause |
|
gunicorn
pypi
|
Direct | 25.1.0 | 26.0.0 | 3 behind | — | MIT AND HPND |
|
actions/checkout
githubactions
|
Direct | 4.*.* | — | — | — | Unknown |
|
docker/build-push-action
githubactions
|
Direct | 5.*.* | — | — | — | Unknown |
|
docker/login-action
githubactions
|
Direct | 3.*.* | — | — | — | Unknown |
|
docker/setup-buildx-action
githubactions
|
Direct | 3.*.* | — | — | — | Unknown |
|
docker/setup-qemu-action
githubactions
|
Direct | 3.*.* | — | — | — | Unknown |
|
flask-socketio
pypi
|
Direct | 5.6.0 | — | — | — | MIT |
|
gevent
pypi
|
Direct | 24.11.1 | — | — | — | MIT AND Python-2.0 |
|
gevent-websocket
pypi
|
Direct | 0.10.1 | 0.10.1 | Current | — | Apache-2.0 |
|
iso639-lang
pypi
|
Direct | 2.6.3 | — | — | — | MIT |
|
thefuzz
pypi
|
Direct | 0.22.1 | 0.22.1 | Current | — | MIT |
|
unidecode
pypi
|
Direct | 1.4.0 | — | — | — | BSD-3-Clause AND GPL-2.0 AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only |
License Breakdown
Unknown
5
MIT
3
Apache-2.0
2
BSD-3-Clause
1
BSD-3-Clause AND GPL-2.0 AND GPL-2.0-only AND GPL-2.0-or-later AND GPL-3.0-only
1
MIT AND HPND
1
MIT AND Python-2.0
1
CVE Severity
critical
0
high
0
medium
1
low
1
unknown
0